GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12 advisories
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially...
High • Unreviewed • CVE-2025-67303 was published Jan 5, 2026

BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not...
High • Unreviewed • CVE-2025-62001 was published Dec 18, 2025

An issue discovered in Dyson App v6.1.23041-23595 allows unauthenticated attackers to control...
High • Unreviewed • CVE-2025-56558 was published Oct 29, 2025

An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below...
High • Unreviewed • CVE-2025-8557 was published Sep 11, 2025

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in...
High • Unreviewed • CVE-2025-54351 was published Aug 3, 2025

IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local...
High • Unreviewed • CVE-2025-1095 was published Apr 8, 2025

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of...
High • Unreviewed • CVE-2023-7266 was published Dec 28, 2024

Duplicate Advisory: Juju Unprotected Alternate Channel vulnerability
High • GHSA-85qf-6845-m8p2 was published for github.com/juju/juju (Go) Oct 2, 2024 • withdrawn

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to...
High • Unreviewed • CVE-2024-6242 was published Aug 1, 2024

NI MeasurementLink Python Services Improper Access Restriction vulnerability
High • CVE-2023-4570 was published for ni-measurementlink-service (pip) Oct 5, 2023

Docker Swarm encrypted overlay network may be unauthenticated
High • CVE-2023-28840 was published for github.com/docker/docker (Go) Apr 4, 2023

Improper Authentication in Kubernetes
High • CVE-2020-8558 was published for k8s.io/kubernetes (Go) Feb 15, 2022

ProTip! Advisories are also available from the GraphQL API.